aboutsummaryrefslogtreecommitdiffstats
path: root/util/add_widget_repo
diff options
context:
space:
mode:
authorredmatrix <git@macgirvin.com>2016-04-04 16:17:50 -0700
committerredmatrix <git@macgirvin.com>2016-04-04 16:17:50 -0700
commit01ad485f6517caba49b1917818ceaa477e6cc846 (patch)
tree79c954236988e9cdf98dcbfb110eba944e7601fd /util/add_widget_repo
parent447c59fd9b6ccac981b274d82f52ce4dd00e8b4a (diff)
downloadvolse-hubzilla-01ad485f6517caba49b1917818ceaa477e6cc846.tar.gz
volse-hubzilla-01ad485f6517caba49b1917818ceaa477e6cc846.tar.bz2
volse-hubzilla-01ad485f6517caba49b1917818ceaa477e6cc846.zip
SECURITY: Do not link unknown and unverified code repositories to the project without some form of confirmation that one accepts the significant risks involved.
Diffstat (limited to 'util/add_widget_repo')
-rwxr-xr-xutil/add_widget_repo13
1 files changed, 12 insertions, 1 deletions
diff --git a/util/add_widget_repo b/util/add_widget_repo
index 347e8e4e1..e7e316ba4 100755
--- a/util/add_widget_repo
+++ b/util/add_widget_repo
@@ -1,10 +1,21 @@
#!/bin/bash -f
-if [ $# -ne 2 ]; then
+if [ $# -lt 2 ]; then
echo usage: $0 repo_url nickname
exit 1
fi
+if [[ $1 != *"//github.com/redmatrix"* && $3 != 'insecure' ]]; then
+ echo "";
+ echo "This is NOT an official project repository.";
+ echo "In order to protect you from unverified and";
+ echo "possibly malicious content, this repository";
+ echo "will not be linked to your site unless you";
+ echo "append the word 'insecure' to the command.";
+ echo "";
+ exit 1
+fi
+
mkdir -p extend/widget/$2
mkdir widget > /dev/null 2>&1
git clone $1 extend/widget/$2